CVE-2012-5580

Name of the Vulnerable Software and Affected Versions libproxy version 0.3.1

Description The issue is related to a format string vulnerability in the print proxies function. This could allow attackers to cause a denial of service or possibly execute arbitrary code via format string specifiers in a proxy name. The vulnerability can be exploited using the http proxy environment variable or a PAC file.

Recommendations For libproxy version 0.3.1, consider restricting access to the print proxies function until a patch is available. As a temporary workaround, avoid using format string specifiers in proxy names to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.